diff --git a/security/vuxml/vuln/2026.xml b/security/vuxml/vuln/2026.xml index 2ed681d7420c..ec7edeeb1c78 100644 --- a/security/vuxml/vuln/2026.xml +++ b/security/vuxml/vuln/2026.xml @@ -1,177 +1,213 @@ + + mail/mailpit -- Cross-Site WebSocket Hijacking + + +mailpit +1.28.2 + + + + +

Mailpit author reports:

+
+

The Mailpit WebSocket server is configured to accept + connections from any origin. This lack of Origin header + validation introduces a Cross-Site WebSocket Hijacking + (CSWSH) vulnerability.

+ +

An attacker can host a malicious website that, when + visited by a developer running Mailpit locally, establishes + a WebSocket connection to the victim's Mailpit instance + (default ws://localhost:8025). This allows the attacker + to intercept sensitive data such as email contents, + headers, and server statistics in real-time.

+
+ + + + CVE-2026-22689 + https://github.com/axllent/mailpit/security/advisories/GHSA-524m-q5m7-79mm + + + 2026-01-10 + 2026-01-10 + + + phpmyfaq -- multiple vulnerabilities phpmyfaq-php82 phpmyfaq-php83 phpmyfaq-php84 phpmyfaq-php85 4.0.16

phpMyFAQ team reports:

Stored cross-site scripting (XSS) and unauthenticated config backup download vulnerability

 https://www.phpmyfaq.de/security/advisory-2025-12-29/ 2025-12-29 2026-01-10 chromium -- multiple security fixes chromium 143.0.7499.192 ungoogled-chromium 143.0.7499.192

Chrome Releases reports:

This update includes 1 security fix:

  • [463155954] High CVE-2026-0628: Insufficient policy enforcement in WebView tag. Reported by Gal Weizman on 2025-11-23
 CVE-2026-0628 https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop.html 2026-01-06 2026-01-07 security/libsodium -- crypto_core_ed25519_is_valid_point mishandles checks for whether an elliptic curve point is valid libsodium 1.0.21

Libsodium maintainer reports:

The function crypto_core_ed25519_is_valid_point(), a low-level function used to check if a given elliptic curve point is valid, was supposed to reject points that aren't in the main cryptographic group, but some points were slipping through.

 CVE-2025-69277 https://00f.net/2025/12/30/libsodium-vulnerability/ 2025-12-30 2026-01-07 mail/mailpit -- Server-Side Request Forgery mailpit 1.28.1

Mailpit author reports:

A Server-Side Request Forgery (SSRF) vulnerability exists in Mailpit's /proxy endpoint that allows attackers to make requests to internal network resources.

The /proxy endpoint allows requests to internal network resources. While it validates http:// and https:// schemes, it does not block internal IP addresses, allowing attackers to access internal services and APIs.

 CVE-2026-21859 https://github.com/axllent/mailpit/security/advisories/GHSA-8v65-47jx-7mfr 2026-01-06 2026-01-06 net-mgmt/net-snmp -- Remote Code Execution (snmptrapd) net-snmp 5.9.5

net-snmp development team reports:

A specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash.

 CVE-2025-68615 https://github.com/net-snmp/net-snmp/security/advisories/GHSA-4389-rwqf-q9gq 2025-12-23 2026-01-06 gstreamer1-plugins-bad -- Out-of-bounds reads in MIDI parser gstreamer1-plugins-bad 1.26.10

The GStreamer Security Center reports:

Multiple out-of-bounds reads in the MIDI parser that can cause crashes for certain input files.

 CVE-2025-67326 CVE-2025-67327 https://gstreamer.freedesktop.org/security/sa-2025-0009.html 2025-12-27 2026-01-04